REMARKS

The above Amendments and these Remarks are in reply to the Final Office Action mailed August 26, 2005. An appropriate Petition for Extension of Time to Respond is submitted herewith, together with the appropriate fee.

Claims 1-39 were pending in the Application prior to the outstanding Office Action. In the Office Action, the Examiner rejected claims 1-39. The present Reply amends claims 1-7, 9-24, 26-39 and adds claims 40-41, leaving for the Examiner's present consideration claims 1-41. Reconsideration of the rejections is requested.



I. Summary of Examiner's Rejections

Prior to the Final Office Action mailed August 26, 2005, Claims 1-39 were pending in the Application. In the Final Office Action mailed August 26, 2005, it was noted that several sheets of a submitted IDS were mistakenly submitted. Claims 1-39 were rejected under 35 U.S.C. § 112 as being indefinite for failing to particularly point out and distinctly claim that which Applicant regards as the invention. Claims 1-2, 5-13, 15-19, 22-30 and 32-39 were rejected under 35 U.S.C. § 103(a) as being unpatentable over Wiederhold (U.S. Patent No. 6,226,745) in view of Devine et al. (U.S. Patent No. 6,606,708). Claims 3-4 and 20-21 were rejected under 35 U.S.C. § 103(a) as being unpatentable over Wiederhold in view of Devine and further in view of javaworld.com. Claims 14 and 31 were rejected under 35 U.S.C. § 103(a) as being unpatentable over Wiederhold in view of Devine and further in view of javaworld.com and java.sun.com.



II. Summary of Applicant's Amendments

The present Response amends Claims 1-7, 9-24 and 26-39, and adds Claims 40-41, leaving for the Examiner's present consideration Claims 1-41. Reconsideration of the Application, as amended, is respectfully requested. Applicant reserves the right to prosecute any originally presented claims in a continuing or future application.

III. Information Disclosure Statement

For the IDS submitted on 6/30/2005, the Examiner initialed two sheets of prior art labeled with the above-identified application number, 09/878,536, on 7/5/2005. Several other sheets, labeled with application numbers 10/122,599 and 10/367,462, were mistakenly attached to the submission. Please disregard the sheets labeled with application numbers 10/122,599 and 10/367,462.



IV. Claims Rejected Under 35 U.S.C. § 112

In the Office Action mailed August 26, 2005, Claims 1-39 were rejected under 35 U.S.C. § 112 as being indefinite for failing to particularly point out and distinctly claim that which Applicant regards as the invention. Accordingly, claims 1-7, 8-24, and 26-39 have been amended by the current Response to correct any indefiniteness. Applicant respectfully submits that the claims as amended, together with the claims dependent therefrom, now properly conform to the requirements of 35 U.S.C. § 112, and reconsideration thereof is respectfully requested.

V. Claims Rejected Under 35 U.S.C. § 103(a)

Claims 1-2, 5-13, 15-19, 22-30, 32-39 are rejected under 35 U.S.C. 103(a) as being unpatentable over Wiederhold (US 6,226,745) in view of Devine et al. (US 6,606,708). Applicant respectfully traverses the rejection by demonstrating below that the claims are neither anticipated by nor obvious in view of Wiederhold in view of Devine.

Claim 1

Claim 1, as currently amended, defines an application interface mechanism for receiving a request from a client to access a protected application or resource. The client makes the request on the application container, and the application container calls the security server with the request and a callback handler. The security service includes a plurality of security providers that may be plugged into the security service, and which use the callback handler to request context information from the application container for the request. Depending on the output from the security providers, the security service determines at least one of business logic and functionality entitlements for the client to use with the protected application.

Devine, on the other hand, teaches a secure server architecture for web based data management. A double firewalled system is disclosed for protecting remote enterprise servers that provide communication services to telecommunication network customers from unauthorized third parties. Data security protocols provide for an identification of the user, and an authentication of the user, and a determination of entitlements that the user may avail themselves of within the enterprise system. (Abstract).

Claim 1 requires use of a callback handler to request context information from the application container. This context information is the setting in which the access request is made. (Spec. p. 6, para 0018). The context information includes the identity of the target (if available), the values of the Request's parameters, the values of profile attributes associated with the initiating principal, potentially environmental information such as the network or IP address of the initiating client, and potentially other information. (Spec. p. 13, para 0010 and 0044). The context information is typically utilized as values of parameters in an expression that is to be evaluated by a rules or expression evaluation engine. (Spec. p. 13, para 0045). Callbacks to application containers from the authorization provider provide context information without prior knowledge of any business policies. (Spec p. 16,

implementation of the Service Provider Interfaces, the provider is capable of requesting specific context information be returned. When the container's callback handler is called, the container responds by populating the callbacks with the appropriate values. Neither the application, nor the container is aware of changes to business policy since they are queried for context information that is driven by the evaluation of specific business policy expressions. (Spec. p. 16, para 0055).

Devine, on the other hand, does not teach a callback handler or context information. Devine does not use callbacks to request context information. Instead, Devine teaches that when a user logs into a specific application with an ID and password, an application server retrieves user entitlements for that application from a StarOE server. (Col. 27, lines 15-18). Devine teaches that the user logs into the specific application on a Web Page (col. 27, line 34) using a GUI interface. (Fig. 6). The user's entitlements as used in Devine are limited to the permit or deny concept. As defined in Devine, entitlements represent specific services to which the user has subscribed and has privilege to access. (Col. 16, lines 46-47). Thus, the server application is only requesting permissions information for a specific application from the StarOE server for the user. Neither the application server nor the StarOE server request any context information related to the user's request to access the specific application in order to determine a user's entitlements. Because neither server is requesting context information, neither server uses callbacks or callback handlers. Further, neither server is the same thing as an application container, as required by Claim 1, because neither server is receiving a request for context information. Further, the GUI interface into which the user logs on to the application, does not read on the use of callbacks and callback handlers because the GUI interface only handles the means by which the user makes a request to access an application. Thus, Devine does not teach callbacks, callback handlers, use of context information or application containers, as required by Claim 1.

Applicant respectfully submits that the embodiment as defined in Claim 1 is neither anticipated by nor obvious in view of Wiederhold or Devine, taken alone or in combination, and respectfully requests reconsideration of the claim.

Claims 18 and 35

The comments provided above with respect to Claim 1 are incorporated herein by reference. For similar reasons as provided above with respect to Claim 1, Applicant respectfully submits that Claims 18 and 35 are likewise neither anticipated by, nor obvious in view of the cited references, taken alone or in combination, and reconsideration thereof is respectfully requested.



Claims 2, 5-13, 15-17, 19, 22-30 and 32-39

Claims 2, 5-13, 15-17, 19, 22-30 and 32-39 are not addressed separately but it is respectfully submitted that these claims are allowable as depending from an allowable independent claim and further in view of the comments provided above. Applicant respectfully submits that these claims are similarly neither anticipated by, nor obvious in view of the cited references, and reconsideration thereof is respectfully requested.

It is also submitted that these claims also add their own limitations which render them patentable in their own right. Applicant reserves the right to argue these limitations should it become necessary in the future.

Claims 3-4 and 20-21 were rejected under 35 U.S.C. § 103(a) as being unpatentable over

Claims 3-4 and 20-21

Claims 3-4 and 20-21 are not addressed separately but it is respectfully submitted that these claims are allowable as depending from an allowable independent claim and further in view of the comments provided above. Applicant respectfully submits that these claims are similarly neither anticipated by, nor obvious in view of the cited references, and reconsideration thereof is respectfully requested.

It is also submitted that these claims also add their own limitations which render them patentable in their own right. Applicant reserves the right to argue these limitations should it become necessary in the future.



Claims 14 and 31 were rejected under 35 U.S.C. § 103(a) as being unpatentable over Wiederhold (U.S. Patent No. 6,226,745) in view of Devine et al. (U.S. Patent No. 6,606,708) and further in view of javaworld.com and java.sun.com.

Claims 14 and 31

Claims 14 and 31 are not addressed separately but it is respectfully submitted that these claims are allowable as depending from an allowable independent claim and further in view of the comments provided above. Applicant respectfully submits that these claims are similarly neither anticipated by nor obvious in view of the cited references, and reconsideration thereof is respectfully requested.

It is also submitted that these claims also add their own limitations which render them patentable in their own right. Applicant reserves the right to argue these limitations should it become necessary in the future.



VI. New Claims

Claim 40

New Claim 40 depends from independent Claim 1. Claim 40 requires that entitlements comprise at least one of business logic and functionality entitlements. A client may use these types of entitlements with the protected application, as entitlements reflect not only the technical aspects of the secure environment (the permit or deny concept), but can be used to represent the business logic or functionality required by the server provider. (Spec. p. 6-7, para 0018). These entitlements clearly denote what a particular user may or may not do with a particular resource, in a particular context. (Spec., p. 6, para 0018). An example of this entitlements capability is provided in a business example of "Can Dr. Smith update Jon Joe's medical chart?" (Spec., p. 7, para 0019). Using the entitlements required by claim , it is possible to add the necessary context of who's the patient in question. For example, if Dr. Smith is Jon Joe's personal physician or perhaps an attending physician, Dr. Smith is entitled to update Jon Joe's chart. In a permission-based authorization system, on the other hand, this context is absent, as the resource is "medical chart" object, the request is to 'update' and the Subject is 'Dr. Smith.' Dr. Smith, in this case, either has permission or does not have permission to update the medical chart.
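An added sketch, not code from the application or the cited patents, of the flow argued for Claim 1 and the Dr. Smith example: the container passes a callback handler to the security service, and a pluggable provider uses it to pull context before deciding. All class names, the constructed chart data and the rule that every provider must agree are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Callback:
    """A request for one named piece of context; the container fills in `value`."""
    name: str
    value: object = None

class Container:
    """Application container: receives client requests and owns the request context."""
    def __init__(self, service, charts):
        self.service, self.charts = service, charts    # charts: patient -> physicians (constructed)

    def access(self, subject, action, resource, params):
        def handler(callbacks):                        # callback handler handed to the service
            known = {"target": resource, "params": params,
                     "physicians": self.charts.get(params.get("patient"), set())}
            for cb in callbacks:
                cb.value = known.get(cb.name)          # unknown names stay None
        return self.service.decide(subject, action, resource, handler)

class PermissionProvider:
    """Permit/deny only: looks at subject, action and resource, asks for no context."""
    def __init__(self, grants):
        self.grants = grants
    def check(self, subject, action, resource, handler):
        return (subject, action, resource) in self.grants

class PhysicianOfPatientProvider:
    """Business-logic entitlement: pulls context through the callback handler."""
    def check(self, subject, action, resource, handler):
        if (action, resource) != ("update", "medical_chart"):
            return True                                # policy does not apply to this request
        cb = Callback("physicians")
        handler([cb])
        return subject in (cb.value or set())          # missing context fails closed

class SecurityService:
    """Pluggable providers; assumed rule: access only if every provider agrees."""
    def __init__(self, providers):
        self.providers = providers
    def decide(self, subject, action, resource, handler):
        return all(p.check(subject, action, resource, handler) for p in self.providers)

def demo():
    grants = {("dr_smith", "update", "medical_chart")}
    charts = {"jon_joe": {"dr_smith"}, "other_patient": {"dr_lee"}}
    flat = Container(SecurityService([PermissionProvider(grants)]), charts)
    ctx = Container(SecurityService([PermissionProvider(grants), PhysicianOfPatientProvider()]), charts)
    ask = lambda c, patient: c.access("dr_smith", "update", "medical_chart", {"patient": patient})
    return (ask(flat, "jon_joe"), ask(flat, "other_patient"), ask(ctx, "jon_joe"), ask(ctx, "other_patient"))
```

With the permission-only provider Dr. Smith can update any chart; with the context-aware provider plugged in, the same request is granted only for a patient whose chart lists Dr. Smith.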



Devine is such a permission-based authorization system. Entitlements as used in Devine are limited to the permit or deny concept. As defined in Devine, entitlements represent specific services to which the user has subscribed and has privilege to access. (Col. 16, lines 46-47). A user may have read and write privileges with respect to one application and only read privileges with respect to another application. (Col. 27, lines 21-23). These read and write privileges are standard read and write permissions found in many permission-based authorization systems. Thus Devine does not teach business logic or functionality entitlements, as required in Claim 40. Applicant submits that Claim 40 is neither anticipated by, nor obvious in view of the cited references, taken alone or in combination, and consideration thereof is respectfully requested.

Claim 41

New Claim 41 depends from Claim 1. Claim 41 requires that context information comprises at least one of the identity of the protected resource or application, one or more values of access request parameters and network or internet protocol address of the client. The comments provided above with respect to Claim 1 regarding context information are incorporated herein by reference. For similar reasons as provided above with respect to Claim 1, Applicant respectfully submits that Claim 41 is likewise neither anticipated by, nor obvious in view of the cited references, taken alone or in combination, and consideration thereof is respectfully requested.

VII. Conclusion

In light of the above, it is respectfully submitted that all of the claims now pending in the subject patent application should be allowable, and a Notice of Allowance is respectfully requested. The Examiner is respectfully requested to telephone the undersigned if she can assist in any way in expediting issuance of a patent.

Enclosed is a PETITION FOR EXTENSION OF TIME UNDER 37 C.F.R. § 1.136 for extending the time to respond up to and including January 26, 2005.

The Commissioner is authorized to charge any underpayment or credit any overpayment to Deposit Account No. 06-1325 for any matter in connection with this response, including any fee for extension of time, which may be required.

Respectfully submitted,

Date:

By: /Julie Di
Daniels Missud
Reg. No. 51,330

FLIESLER MEYER LLP
Four Embarcadero Center, Fourth Floor
San Francisco, California 94111-4156
Telephone: (415) 362-3800
Customer No. 23910